From bcd68ee24953d4148e12cd3ab6c05d49db090c36 Mon Sep 17 00:00:00 2001
From: Jon Ayers <jon@coder.com>
Date: Thu, 24 Oct 2024 01:21:18 +0100
Subject: [PATCH] fix: fix build in security workflow (#15209)

- Fixes an issue where building the Docker image failed due to moving
the directory hosting the Dockerfile
- Removed the Palo Alto scanning since our subscription there is set to
expire. Trivy is still running though.
---
 .github/workflows/security.yaml | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index b06157722a..5ae6de7b2f 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -96,7 +96,7 @@ jobs:
           # version in the comments will differ. This is also defined in
           # ci.yaml.
           set -x
-          cd dogfood
+          cd dogfood/contents
           DOCKER_BUILDKIT=1 docker build . --target proto -t protoc
           protoc_path=/usr/local/bin/protoc
           docker run --rm --entrypoint cat protoc /tmp/bin/protoc > $protoc_path
@@ -144,16 +144,6 @@ jobs:
           path: trivy-results.sarif
           retention-days: 7
 
-      # Prisma cloud scan runs last because it fails the entire job if it
-      # detects vulnerabilities. :|
-      - name: Run Prisma Cloud image scan
-        uses: PaloAltoNetworks/prisma-cloud-scan@124b48d8325c23f58a35da0f1b4d9a6b54301d05 # v1.6.7
-        with:
-          pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }}
-          pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }}
-          pcc_pass: ${{ secrets.PRISMA_CLOUD_SECRET_KEY }}
-          image_name: ${{ steps.build.outputs.image }}
-
       - name: Send Slack notification on failure
         if: ${{ failure() }}
         run: |